This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Arbitrary Code Execution in Microsoft Internet Explorer - 03 Aug 2004

DESCRIPTION
Three vulnerabilities in IE could result in the remote execution of arbitrary
code on the vulnerable system. These three vulnerabilities are:

Navigation method cross-domain
vulnerability:
A remote–code-execution vulnerability exists in IE because of the way it
handles navigation methods. An attacker could exploit the vulnerability
by constructing a malicious Web page that could potentially allow remote
code execution if a user visited a malicious Web site. An attacker who
successfully exploited this vulnerability could run malicious script
code in IE's Local Machine security zone. If a user is logged on with
administrative privileges, this could let the attacker take complete
control of an affected system.

Malformed .bmp file buffer-overrun
vulnerability:
A buffer-overrun vulnerability exists in the processing of .bmp image
file formats that could allow remote code execution on an affected
system. If the user is logged on with administrative privileges, an
attacker who successfully exploited this vulnerability could take
complete control of the affected system.

Malformed .gif file double-free
vulnerability:
A buffer-overrun vulnerability exists in the processing of .gif image
file formats that could allow remote code execution on an affected system.
If the user is logged on with administrative privileges, an attacker who
successfully exploited this vulnerability could take complete control of
the affected system. Users whose accounts are configured to have fewer
privileges on the system are at less risk than users who operate with
administrative privileges.

VENDOR RESPONSEMicrosoft has released
bulletin MS04-025, "Cumulative Security Update for Internet
Explorer (867801)," to address these vulnerabilities and recommends that
affected users apply the appropriate patch listed in the bulletin.